Home Explore Help
Sign In
someonewithpc
/
gnufm
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
gnufm
/
nixtape
/
user-edit.php

user-edit.php 6.7 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186 
  1. <?php
    2. 

  2. 

  3. /* GNU FM -- a free network service for sharing your music listening habits
    4. 

  4. 

  5.    Copyright (C) 2009 Free Software Foundation, Inc
    6. 

  6. 

  7.    This program is free software: you can redistribute it and/or modify
    8. 

  8.    it under the terms of the GNU Affero General Public License as published by
    9. 

  9.    the Free Software Foundation, either version 3 of the License, or
    10. 

  10.    (at your option) any later version.
    11. 

  11. 

  12.    This program is distributed in the hope that it will be useful,
    13. 

  13.    but WITHOUT ANY WARRANTY; without even the implied warranty of
    14. 

  14.    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    15. 

  15.    GNU Affero General Public License for more details.
    16. 

  16. 

  17.    You should have received a copy of the GNU Affero General Public License
    18. 

  18.    along with this program.  If not, see <http://www.gnu.org/licenses/>.
    19. 

  19. 

  20. */
    21. 

  21. 

  22. require_once('database.php');
    23. 

  23. require_once('templating.php');
    24. 

  24. require_once('user-menu.php');
    25. 

  25. require_once('data/User.php');
    26. 

  26. require_once('data/TagCloud.php');
    27. 

  27. 

  28. if ($logged_in == false) {
    29. 

  29. 	displayError("Error", "Not logged in. You shouldn't be here.");
    30. 

  30. }
    31. 

  31. 

  32. $errors = array();
    33. 

  33. 

  34. if ($_POST['submit']) {
    35. 

  35. 	if (!empty($_POST['id'])) {
    36. 

  36. 		# Need better URI validation, but this will do for now. I think
    37. 

  37. 		# PEAR has a suitable module to help out here.
    38. 

  38. 		if (!preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['id'])) {
    39. 

  39. 			$errors[] = 'WebID must be a URI.';
    40. 

  40. 		}
    41. 

  41. 		if (preg_match('/\s/', $_POST['id'])) {
    42. 

  42. 			$errors[] = 'WebID must be a URI. Valid URIs cannot contain whitespace.';
    43. 

  43. 		}
    44. 

  44. 	}
    45. 

  45. 

  46. 	if (!empty($_POST['delete_account'])) {
    47. 

  47. 		header('Location: ' . $base_url . '/delete-profile.php');
    48. 

  48. 		die();
    49. 

  49. 	}
    50. 

  50. 

  51. 	if (!empty($_POST['homepage'])) {
    52. 

  52. 		# Need better URI validation, but this will do for now. I think
    53. 

  53. 		# PEAR has a suitable module to help out here.
    54. 

  54. 		if (!preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['homepage'])) {
    55. 

  55. 			$errors[] = 'Homepage must be a URI.';
    56. 

  56. 		}
    57. 

  57. 		if (preg_match('/\s/', $_POST['homepage'])) {
    58. 

  58. 			$errors[] = 'Homepage must be a URI. Valid URIs cannot contain whitespace.';
    59. 

  59. 		}
    60. 

  60. 	}
    61. 

  61. 

  62. 	if (!empty($_POST['avatar_uri'])) {
    63. 

  63. 		# Need better URI validation, but this will do for now. I think
    64. 

  64. 		# PEAR has a suitable module to help out here.
    65. 

  65. 		if (!preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['avatar_uri'])) {
    66. 

  66. 			$errors[] = 'Avatar must be a URI.';
    67. 

  67. 		}
    68. 

  68. 		if (preg_match('/\s/', $_POST['avatar_uri'])) {
    69. 

  69. 			$errors[] = 'Avatar must be a URI. Valid URIs cannot contain whitespace.';
    70. 

  70. 		}
    71. 

  71. 	}
    72. 

  72. 

  73. 	if (!empty($_POST['laconica_profile'])) {
    74. 

  74. 		# Need better URI validation, but this will do for now. I think
    75. 

  75. 		# PEAR has a suitable module to help out here.
    76. 

  76. 		if (!preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['laconica_profile'])) {
    77. 

  77. 			$errors[] = 'Laconica profile must be a URI.';
    78. 

  78. 		}
    79. 

  79. 		if (preg_match('/\s/', $_POST['laconica_profile'])) {
    80. 

  80. 			$errors[] = 'Laconica profile must be a URI. Valid URIs cannot contain whitespace.';
    81. 

  81. 		}
    82. 

  82. 	}
    83. 

  83. 

  84. 	if (!empty($_POST['journal_rss'])) {
    85. 

  85. 		# Need better URI validation, but this will do for now. I think
    86. 

  86. 		# PEAR has a suitable module to help out here.
    87. 

  87. 		if (!preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['journal_rss'])) {
    88. 

  88. 			$errors[] = 'Journal RSS must be a URI.';
    89. 

  89. 		}
    90. 

  90. 		if (preg_match('/\s/', $_POST['journal_rss'])) {
    91. 

  91. 			$errors[] = 'Journal RSS must be a URI. Valid URIs cannot contain whitespace.';
    92. 

  92. 		}
    93. 

  93. 	}
    94. 

  94. 

  95. 	if (!empty($_POST['password_1'])) {
    96. 

  96. 		if ($_POST['password_1'] != $_POST['password_2']) {
    97. 

  97. 			$errors[] = 'Passwords do not match.';
    98. 

  98. 		}
    99. 

  99. 	}
    100. 

  100. 

  101. 	if (!empty($_POST['location_uri'])) {
    102. 

  102. 		# Currently only allow geonames URIs, but there's no reason we can't accept
    103. 

  103. 		# others at some point in the future. (e.g. dbpedia)
    104. 

  104. 		if (!preg_match('/^http:\/\/sws.geonames.org\/[0-9]+\/$/', $_POST['location_uri'])) {
    105. 

  105. 			$errors[] = 'This should be a geonames.org semantic web service URI.';
    106. 

  106. 		}
    107. 

  107. 	}
    108. 

  108. 

  109. 	if (!isset($errors[0])) {
    110. 

  110. 		# Currently we don't allow them to change e-mail as we probably should
    111. 

  111. 		# have some kind of confirmation login to do so.
    112. 

  112. 		$this_user->id               = $_POST['id'];
    113. 

  113. 		$this_user->fullname         = $_POST['fullname'];
    114. 

  114. 		$this_user->homepage         = $_POST['homepage'];
    115. 

  115. 		$this_user->bio              = $_POST['bio'];
    116. 

  116. 		$this_user->location         = $_POST['location'];
    117. 

  117. 		$this_user->location_uri     = $_POST['location_uri'];
    118. 

  118. 		$this_user->avatar_uri       = $_POST['avatar_uri'];
    119. 

  119. 		$this_user->laconica_profile = $_POST['laconica_profile'];
    120. 

  120. 		$this_user->journal_rss      = $_POST['journal_rss'];
    121. 

  121. 		$this_user->anticommercial   = $_POST['anticommercial'] == 'on' ? 1 : 0;
    122. 

  122. 		$this_user->receive_emails   = $_POST['receive_emails'] == 'on' ? 1 : 0;
    123. 

  123. 

  124. 		if (!empty($_POST['password_1'])) {
    125. 

  125. 			$this_user->password = md5($_POST['password_1']);
    126. 

  126. 		}
    127. 

  127. 

  128. 		$this_user->save();
    129. 

  129. 

  130. 		header('Location: ' . $this_user->getURL());
    131. 

  131. 		exit;
    132. 

  132. 	}
    133. 

  133. }
    134. 

  134. 

  135. if (isset($this_user->name)) {
    136. 

  136. 	if (isset($errors[0])) {
    137. 

  137. 		$smarty->assign('errors', $errors);
    138. 

  138. 	}
    139. 

  139. 	# Stuff which cannot be changed.
    140. 

  140. 	$smarty->assign('acctid', $this_user->acctid);
    141. 

  141. 	$smarty->assign('avatar', $this_user->getAvatar());
    142. 

  142. 	$smarty->assign('user',   $this_user->name);
    143. 

  143. 

  144. 	# Stuff which cannot be changed *here*
    145. 

  145. 	$smarty->assign('userlevel', $this_user->userlevel);
    146. 

  146. 

  147. 	# Stuff which cannot be changed *yet*
    148. 

  148. 	$smarty->assign('email', $this_user->email);
    149. 

  149. 

  150. 	if ($_POST['submit']) {
    151. 

  151. 		$smarty->assign('id',               $_POST['id']);
    152. 

  152. 		$smarty->assign('fullname',         $_POST['fullname']);
    153. 

  153. 		$smarty->assign('bio',              $_POST['bio']);
    154. 

  154. 		$smarty->assign('homepage',         $_POST['homepage']);
    155. 

  155. 		$smarty->assign('location',         $_POST['location']);
    156. 

  156. 		$smarty->assign('location_uri',     $_POST['location_uri']);
    157. 

  157. 		$smarty->assign('avatar_uri',       $_POST['avatar_uri']);
    158. 

  158. 		$smarty->assign('laconica_profile', $_POST['laconica_profile']);
    159. 

  159. 		$smarty->assign('journal_rss',      $_POST['journal_rss']);
    160. 

  160. 		$smarty->assign('anticommercial',   $_POST['anticommercial'] == 'on' ? 1 : 0);
    161. 

  161. 		$smarty->assign('receive_emails',   $_POST['receive_emails'] == 'on' ? 1 : 0);
    162. 

  162. 	} else {
    163. 

  163. 		$smarty->assign('id',               $this_user->webid_uri);
    164. 

  164. 		$smarty->assign('fullname',         $this_user->fullname);
    165. 

  165. 		$smarty->assign('bio',              $this_user->bio);
    166. 

  166. 		$smarty->assign('homepage',         $this_user->homepage);
    167. 

  167. 		$smarty->assign('location',         $this_user->location);
    168. 

  168. 		$smarty->assign('location_uri',     $this_user->location_uri);
    169. 

  169. 		$smarty->assign('avatar_uri',       $this_user->avatar_uri);
    170. 

  170. 		$smarty->assign('laconica_profile', $this_user->laconica_profile);
    171. 

  171. 		$smarty->assign('journal_rss',      $this_user->journal_rss);
    172. 

  172. 		$smarty->assign('anticommercial',   $this_user->anticommercial);
    173. 

  173. 		$smarty->assign('receive_emails',   $this_user->receive_emails);
    174. 

  174. 	}
    175. 

  175. 

  176. 	# And display the page.
    177. 

  177. 	$submenu = user_menu($this_user, 'Edit');
    178. 

  178. 	$smarty->assign('submenu', $submenu);
    179. 

  179. 	$smarty->assign('me', $this_user);
    180. 

  180. 

  181. 	$smarty->assign('errors', $errors);
    182. 

  182. 	$smarty->display('user-edit.tpl');
    183. 

  183. } else {
    184. 

  184. 	displayError("User not found", "User not found, shall I call in a missing persons report?");
    185. 

  185. }
    186. 

  186.